class Admin::UsersController < Admin::AdminApplicationController
  layout "admin"
  before_filter :admin_login_required, :except => [ :login ]
  # say something nice, you goof!  something sweet.
  def index
    @users = User.paginate :conditions => ["login <> 'admin'"], :page => params[:page], :order => "login DESC"
  end

  def login
    return unless request.post?
    self.current_user = User.admin_authenticate(params[:login], params[:password])
    if current_user
      if params[:remember_me] == "1"
        self.current_user.remember_me
        cookies[:auth_token] = { :value => self.current_user.remember_token , :expires => self.current_user.remember_token_expires_at }
      end
      
      redirect_back_or_default admin_users_url
      flash[:notice] = "登陆成功."
    else
      flash[:notice] = "登陆失败，请检查用户名，密码."
    end
  end
  
  def logout
    self.current_user.forget_me if logged_in?
    cookies.delete :auth_token
    reset_session
    flash[:notice] = "You have been logged out."
    redirect_back_or_default admin_users_url
  end
  
  def edit
    @user = User.find(params[:id])
    return unless request.post?
    if @user.update_attributes(params[:user])
       flash[:notice] = '你的信息已经成功更新.'
    end
    redirect_to edit_admin_user_url(@user)
  end
  
  def change_password
    @page_title = '更新你的密码'
    @user = User.find(params[:id])
    return unless request.post?
    if (params[:password] == params[:password_confirmation])
      @user.password_confirmation = params[:password_confirmation]
      @user.password = params[:password]
      flash[:notice] = @user.save ?
            "修改密码成功" :
            "修改密码失败" 
    else
      flash[:notice] = "密码不匹配" 
      @old_password = params[:old_password]
    end
  end
  
  def search
    if params[:q].nil?
      redirect_back_or_default admin_users_url
    else
      #@users = User.find_by_contents(params[:q])
       @users = User.paginate_search(params[:q], {:page => params[:page]})
    end
  end
  
  def batch_deal
    return unless request.post?
    if params[:commit] == '禁用选中的用户'
      batch_disable
    elsif params[:commit] == '激活选中的用户'
      batch_enable
    end
  end  
  
  private
  def batch_disable
    users_to_disable = params[:to_be_deal]
	if !users_to_disable.empty?
	  users_to_disable.each do |user_id, do_it|
        if do_it == "yes"
          user = User.find(user_id)
          disable(user)
        end
      end
    end
	redirect_to :back
  end
  
  def batch_enable
    users_to_enable = params[:to_be_deal]
	if !users_to_enable.empty?
	  users_to_enable.each do |user_id, do_it|
        if do_it == "yes"
          user = User.find(user_id)
          enable(user)
        end
      end
    end
	redirect_to :back
  end
  
  def disable(user)
    if user.is_banned == false
      user.is_banned = 1
      user.banned_at = Time.now
      user.save!
    end
  end
  
  def enable(user)
    if user.is_banned == true
      user.is_banned = 0
      user.save!
    end
    user.update_attributes(:activated_at => Time.now, :activation_code => nil)
  end
end
